8-Character Windows NTLM Passwords Can Be Cracked In Under 2.5 Hours

Though many like to pretend that the debate is still alive and relevant, I tend to agree with the authors of this post from KnowBe4 – the 8 character password is dead.  It has honestly been dead for some time.  We need to move forward and consider stronger, more effective and memorable pass-phrases combined with multi-factor authentication options whenever available.

The NIST standard of “complex” 8 character passwords is mentioned in this post, but it is also worth mentioning that even NIST has recognized it is time to move beyond that standard.  New, revised standards are coming that involve less password rotation and more lengthened pass-phrases.

These steps are honestly not hard and they will keep your data safer than the good ol’ days of “Petsname123”.

https://blog.knowbe4.com/8-character-windows-ntlm-passwords-can-be-cracked-in-under-2.5-hours

Worst Sports-Related Passwords

Given all the fun currently underway with the NCAA tournaments, I thought this would be a worthy article to pass along.  Password management is always an important conversation and these sports related passwords are important to note and avoid.  Remember the value of a good passphrase.  “Wildcats” as a password can get you in trouble, but “IwanttheWildcatstolose!” will keep you much safer.

http://www.darkreading.com/endpoint/worst-sports-related-passwords-/d/d-id/1319578